View | Details | Raw Unified | Return to bug 63679
Collapse All | Expand All

(-)a/modules/ssl/ssl_engine_kernel.c (-2 / +2 lines)
Lines 1831-1838 int ssl_callback_SSLVerify(int ok, X509_STORE_CTX *ctx) Link Here
1831 
    /*
 1831 
    /*
1832 
     * Perform OCSP-based revocation checks
 1832 
     * Perform OCSP-based revocation checks
1833 
     */
 1833 
     */
1834 
    if (ok && ((sc->server->ocsp_mask & SSL_OCSPCHECK_CHAIN) ||
 1834 
    if (ok && ((mctx->ocsp_mask & SSL_OCSPCHECK_CHAIN) ||
1835 
         (errdepth == 0 && (sc->server->ocsp_mask & SSL_OCSPCHECK_LEAF)))) {
1835 
         (errdepth == 0 && (mctx->ocsp_mask & SSL_OCSPCHECK_LEAF)))) {
1836 
        /* If there was an optional verification error, it's not
 1836 
        /* If there was an optional verification error, it's not
1837 
         * possible to perform OCSP validation since the issuer may be
 1837 
         * possible to perform OCSP validation since the issuer may be
1838 
         * missing/untrusted.  Fail in that case. */
 1838 
         * missing/untrusted.  Fail in that case. */

Return to bug 63679